FORENSIC6 – Traffic In The Clear

For this challenge we have this description:

We got this capture by listening in over the interstellar network which isn’t as secure as people may think. In any event, there is a little bit of content in here that could be useful to us in our explorations, think you can warm up with this challenge?

Can you find the flag?


And a pcapng file. Opening the file using WireShark and filtering for HTTP traffic we can see the message: Please use the interstellar internet connection and the HTTPs protocol for access to the Ferro site. This page is now defunct after moving offworld, and you can see notes.txt for more information.

Looking at the notes.txt content we can see the flag: IGE{PCAP_FILE_EXTRACTION_IS_NOT_HARD}

